The Pandemic Effect: 2020’s Cybersecurity Landscape

Posted on October 6, 2020

The COVID-19 pandemic has significantly affected how most businesses operate, and forced them to quickly evolve and adapt. The cybersecurity space is no exception. Standard security threats continue to loom, and novel challenges have emerged in 2020 as well. 

To get a pulse on how the pandemic has affected the threat landscape, we got in touch with executives from top cybersecurity organizations to ask the following question: 

We’re three-quarters of the way through a year filled with uncertainty, between the pandemic and the upcoming elections; how has the cybersecurity threat landscape evolved in the wake of a changing world? 

Here’s what they had to say.

Fleming Shi, CTO, Barracuda Networks
Starting before the pandemic, the world was in a rapid digital transformation phase with the mass adoption of public cloud infrastructure. This trend broadened the cybersecurity threat landscape to require adequate Cloud Security Posture Management for your cloud infrastructure provider or providers. It also increased the need for securing workloads and data across hybrid cloud infrastructure with a cost-effective and comprehensive SD-WAN solution.Since the pandemic, the threat landscape further extends to home offices, and it’s essential to secure the workforce with an endpoint solution that can continuously deliver Zero-Trust policy enforcement.

Twitter: https://twitter.com/shifleming 
LinkedIn: https://www.linkedin.com/in/flemingshi/

Dan Dinnar, CEO, Source Defense
The cyber threat landscape has changed dramatically through the COVID-19 pandemic, mainly due to the targeted nature and ability to focus on specific attack arenas.
With the move to work-from-home, many organizations had to adjust to staff working outside of the office and on home networks. This required a significant adjustment in terms of additional endpoints, more endpoint security, and several other network modifications.
As businesses focused on endpoint security, there was another major change that organizations had to contend with. Suddenly, all of a company’s traffic and transactions moved online from the traditional brick and mortar retail shops, banks, agencies etc. This required organizations to double down on website function and performance, focusing on the customer’s journey, analytics, ad performance etc., which in turn meant adding more JavaScript to their website. While traditional security spend has been focused on protecting the server side of the website, we have seen a shift to protecting the client side, which is an arena for major threats like Magecart, Formjacking, e-skimming, and others. 
Today, we are seeing more and more financial, retail, and healthcare organizations understanding that client-side website security is a high priority and quickly becoming a top five project for late 2020 and 2021.

LinkedIn: https://il.linkedin.com/in/dan-dinnar-9341ab

George Gerchow, CSO, Sumo Logic
What we have seen over the course of the last three months is complacency when it comes to security by most organizations, and a ramp up in bad actor activity. This is not a good combination, as successful nation attacks and ransomware are on the rise, while security budgets are being slashed.

Twitter: https://twitter.com/georgegerchow 
LinkedIn: https://www.linkedin.com/in/georgegerchow/

Krishna Narayanaswamy, Co-Founder & CTO, Netskope
The COVID-19 pandemic has led to some dramatic changes in the enterprise security landscape. It has created the network inversion effect, where work is getting done remotely outside the confines of the workplace, where most of the security investments have been focused. 
According to the Netskope Cloud and Threat Report August 2020, the personal use of company-provided devices has increased by 97 percent, and the use of risky applications and websites from those devices has increased by 161 percent. Threat actors are taking advantage of these trends and leveraging popular cloud apps as launching pads for attacks. 
Recent phishing and malware attacks are leveraging the COVID-19 theme to lure unsuspecting users to fall prey to their baits. Security practitioners are leveraging Secure Access Service Edge (SASE) solutions to secure their users from the threats discussed above. A well-delivered SASE solution is one that is built on a low access latency, highly available network infrastructure on which the security service is hosted. 
This makes the difference in the user experience of a patient having a telemedicine appointment with their care provider or an investment professional making a timely stock trade. The end goal is to make the cloud security service the enabler of a safe and productive workforce, even in these unprecedented times.

LinkedIn: https://www.linkedin.com/in/krishna-narayanaswamy/

We may not know what the rest of the year holds, but one thing is certain — the remote workforce has reinforced the need for a cybersecurity model that extends to a perimeter-less network. Security has always been, and will continue to be (now even moreso), an essential service for businesses of all sizes.